
Hassle Free Security Automation with Free and Open Source tools - PowerPoint PPT Presentation



  1. Hassle Free Security Automation with Free and Open Source tools Anderson Dadario https://dadario.com.br


  8. Source: https://blog.ripstech.com/2016/the-state-of-wordpress-security/

  9. [1] Source: https://en.wikipedia.org/wiki/SQL_injection

  10. Source: https://www.iamthecavalry.org/

  11. Who are these guys? Aaron Weaver and Matt Tesauro, respectively. They work on a few OWASP projects, including OWASP AppSec Pipeline and OWASP Defect Dojo. They work on those projects because they are the cavalry themselves. Not only them, but this picture came in very handy.

  12. Source: https://en.wikipedia.org/wiki/Loss_aversion

  13. Source: https://www.schneier.com/essays/archives/2008/07/how_the_human_brain.html


  17. Source: https://fitzvillafuerte.com/the-principle-of-leverage-and-how-to-use-it-in-our-life.html


  22. CostaScanner

      1) Periodically scan the entire network segment (e.g., 192.168.0.0/24) and look for servers that are up. If a server is up for the first time, trigger actions such as 1) Notify all newly detected servers by email 2) Scan each new server using tools defined by you. CostaScanner stores asset data in the "database.txt" file.

      2) Configurable actions can be chosen to be executed after a new server is detected. They can be configured right from the configuration file, without needing to code. In the configuration file there is an example of how to add a new scanner (e.g., StartPing).

      3) Scans' reports can be sent to your inbox, to a URL (CostaScanner issues a POST HTTP Request) or just be saved to a file.

  23. # Targets
      # Note: [1] targets must be separated by "," without spaces
      #       [2] if you have an individual IP address, just fill it
      #           by appending "/32" as the following: "192.168.1.10/32"
      TARGETS=192.168.0.0/24

  24. # Operations after a server has been discovered
      # Custom Operations can be set in this configuration file
      # Let's suppose that we want to run the "ping" scanner
      # First of all, it must be installed (check Dockerfile)
      # After that, you can set a new operation just like below
      #
      # [
      #   {
      #     "name":"StartPing",
      #     "operation":"StartScanner",
      #     "data":
      #     {
      #       "scanner":"ping",
      #       "params":["-c","1","%server%"]
      #     }
      #   }
      # ]
      #
      # It will execute: $ ping -c 1 <server>
      #
      # After that, make sure to set it as an operation to be executed
      #
      CUSTOM_OPERATIONS=[{"name":"StartPing","operation":"StartScanner","data":{"scanner":"ping","params":["-c","1","%server%"]}}]

  25. # Default Available: Print, SendEmail, StartNmap, SendWebhook, RegisterOnGauntlet
      # Note: operations must be separated by "," without spaces
      OPERATIONS=Print,SendEmail,StartNmap,StartPing

      # Redis
      # In case you want to use an external Redis
      # Change the URL below
      REDIS_URL=redis://localhost:6379/infosec

      # WEBHOOK
      # URL to send a POST
      # Containing all newly discovered servers
      WEBHOOK_URL=https://mydomain.com/some-uri

  26. # SCANNER
      SCANNER_SEND_EMAIL=True
      SCANNER_SEND_WEBHOOK=False
      SCANNER_SAVE_TO_FILE=True

      # SMTP
      # Auth types: none, plain, login, cram_md5
      # Note: SMTP_TO can be multiple emails
      #       but they need to be separated by ","
      #       without spaces
      SMTP_TO=me@gmail.com
      SMTP_FROM=noreply@mydomain.com
      SMTP_SUBJECT=New servers were found!
      SMTP_HOST=smtphost.com
      SMTP_PORT=587
      SMTP_ENABLE_STARTTLS_AUTO=True
      SMTP_USER=aaa
      SMTP_PASS=bbb
      SMTP_DOMAIN=mydomain.com
      SMTP_AUTH=plain
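The loop that slide 22 describes (sweep a segment, diff the hosts that answer against database.txt, fire the configured operations only for first-time hosts) and the configuration format of slides 23 to 25 can be demonstrated in a few dozen lines. The script below is an added example written for this page, not CostaScanner's own code; SAMPLE_CONFIG, the file name database.txt as a one-address-per-line file, and the injectable is_up / runner parameters are assumptions made so it runs offline. The security-relevant detail is in build_command: %server% is substituted into an argv list, never into a shell string, and the value must parse as an IP address, so a crafted host string such as "-oG /tmp/x" can neither become a shell fragment nor an extra flag to the scanner.

```python
"""Added example, not CostaScanner's own code: the detect-new-hosts-then-act
loop of slide 22, driven by the KEY=VALUE configuration format of slides 23-25.
Network probing and command execution are injectable so the script runs offline."""
import ipaddress
import json
import subprocess
from pathlib import Path

PLACEHOLDER = "%server%"

# Constructed sample configuration in the slides' format (hypothetical values).
SAMPLE_CONFIG = """
# Targets: comma-separated, single hosts as /32
TARGETS=192.168.0.0/30,192.168.1.10/32
OPERATIONS=Print,StartPing
CUSTOM_OPERATIONS=[{"name":"StartPing","operation":"StartScanner","data":{"scanner":"ping","params":["-c","1","%server%"]}}]
"""


def parse_config(text):
    """Parse KEY=VALUE lines; '#' lines and blank lines are comments."""
    cfg = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            cfg[key.strip()] = value.strip()
    return cfg


def expand_targets(targets):
    """Expand 'a.b.c.d/n,...' into the individual host addresses to probe."""
    hosts = []
    for cidr in targets.split(","):
        net = ipaddress.ip_network(cidr.strip(), strict=False)
        # /31 and /32 networks have no separate network/broadcast address
        members = net.hosts() if net.num_addresses > 2 else iter(net)
        hosts.extend(str(h) for h in members)
    return hosts


def ping_is_up(host):
    """Default probe: one ICMP echo with a 1 s timeout (Linux ping flags)."""
    res = subprocess.run(["ping", "-c", "1", "-W", "1", host],
                         stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return res.returncode == 0


def sweep(targets, is_up=ping_is_up):
    """Return the targets that answer the probe, in address order."""
    return [h for h in expand_targets(targets) if is_up(h)]


def first_seen(up_hosts, db_path):
    """Diff against database.txt (one address per line); persist and return new ones."""
    db = Path(db_path)
    known = set(db.read_text().split()) if db.exists() else set()
    fresh = [h for h in up_hosts if h not in known]
    if fresh:
        with db.open("a") as fh:
            fh.writelines(h + "\n" for h in fresh)
    return fresh


def build_command(operation, server):
    """StartScanner operation -> argv list. %server% is substituted per argument,
    and the value must be a valid IP address, so it can never turn into a shell
    fragment or an extra option for the scanner."""
    ipaddress.ip_address(server)  # raises ValueError on anything that is not an address
    data = operation["data"]
    return [data["scanner"]] + [p.replace(PLACEHOLDER, server) for p in data["params"]]


def run_operations(cfg, servers, runner=subprocess.run):
    """Execute the enabled operations for each newly detected server."""
    custom = {op["name"]: op for op in json.loads(cfg.get("CUSTOM_OPERATIONS", "[]"))}
    enabled = [name for name in cfg.get("OPERATIONS", "").split(",") if name]
    commands = []
    for server in servers:
        for name in enabled:
            if name == "Print":
                print(f"new server: {server}")
            elif name in custom and custom[name]["operation"] == "StartScanner":
                argv = build_command(custom[name], server)
                commands.append(argv)
                runner(argv)  # argv list: no shell is involved
    return commands


if __name__ == "__main__":
    import tempfile
    cfg = parse_config(SAMPLE_CONFIG)
    # Simulated sweep: pretend only two of the addresses answer.
    up = sweep(cfg["TARGETS"], is_up=lambda h: h in ("192.168.0.1", "192.168.1.10"))
    with tempfile.TemporaryDirectory() as d:
        fresh = first_seen(up, f"{d}/database.txt")
        run_operations(cfg, fresh, runner=lambda argv: print("would run:", argv))
```

Running it a second time against the same database.txt reports nothing, which is the "up for the first time" rule from the slide; adding a SendEmail or SendWebhook sink is a matter of another branch in run_operations fed by the SMTP_* and WEBHOOK_URL keys of slides 25 and 26.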

  27. - -

  28. (diagram: Dockerfile, Docker Image, Docker Containers)
      I've made a free docker security course [in pt-br and en-us]: https://dadario.com.br/courses/

  29. Dockerfile
      FROM ubuntu:14.04
      RUN apt-get update && apt-get install -y redis-server
      EXPOSE 6379
      ENTRYPOINT ["/usr/bin/redis-server"]

      Build Image (repository names must be lowercase, so the slide's AndersonDadario/redis is written andersondadario/redis)
      $ docker build -t andersondadario/redis .

      Run Container
      $ docker run --name redis -d andersondadario/redis


  38. Anderson Dadario @andersonmvd https://dadario.com.br
